<?php
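    // Administrator page: lists/deletes/creates categories and creates new
    // administrator accounts. Access is limited to the session user "admin".
    //
    // Flow: check the session, open the database, handle any submitted form
    // (redirecting on success), then render the page selected by ?p=.
    session_start();

    // Strict comparison: with loose "==" a non-string session value such as
    // true (or 0 on PHP < 8) also compares equal to "admin".
    if (isset($_SESSION['uid']) && $_SESSION['uid'] === "admin") {
        require_once("classes/db.class.php");
        include("mysql.config.php");
        $db = new DataBase($db_address, $db_username, $db_password, $db_db);

        // Normalise request parameters so a missing or array-valued parameter
        // does not raise notices or reach the comparisons below.
        $page = (isset($_GET['p']) && is_string($_GET['p'])) ? $_GET['p'] : "";
        $result = (isset($_GET['r']) && is_string($_GET['r'])) ? $_GET['r'] : "";

        // Escapes a value for HTML text and single-quoted attribute context.
        // The encoding argument is omitted so PHP's default_charset applies.
        $escape = function ($value) {
            return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE);
        };

        // True when $value is a non-empty string that can sit inside a
        // single-quoted SQL literal without changing the statement: it holds
        // no quote, no backslash and no control character.
        // NOTE(review): this is a stopgap. Only query() and fetch() of the
        // DataBase wrapper are visible here; if it offers parameter binding,
        // bind the values instead of interpolating them.
        $isSqlSafeText = function ($value) {
            return is_string($value)
                && $value !== ""
                && preg_match('/[\'\\\\\x00-\x1F\x7F]/', $value) === 0;
        };

        // Form handling runs before any output: header() cannot send the
        // redirect once the page body has started, and exit stops the rest of
        // the page from being rendered after a redirect.
        // NOTE(review): these state-changing POST actions carry no anti-CSRF
        // token; add a per-session token to the forms and verify it here.
        if (isset($_POST['oka'])) {
            $user = isset($_POST['user']) ? $_POST['user'] : null;
            $pass1 = isset($_POST['pass1']) ? $_POST['pass1'] : null;
            $pass2 = isset($_POST['pass2']) ? $_POST['pass2'] : null;
            // Strict "===": loose "==" treats numeric-looking strings such as
            // "1e3" and "1000" as equal. An empty password is refused; the
            // form's required attribute is not enforced by the server.
            if ($isSqlSafeText($user) && is_string($pass1) && $pass1 !== "" && $pass1 === $pass2) {
                // NOTE(review): unsalted MD5 is not suitable for password
                // storage. Moving to password_hash()/password_verify() needs
                // the login code and the `passw` column width changed with it,
                // neither of which is visible here, so the hash is kept.
                $pass = md5($pass1);
                //INSERT INTO `admins`(`id`, `name`, `passw`) VALUES ([value-1],[value-2],[value-3])
                $uzkl = "INSERT INTO `admins` (`name`, `passw`) VALUES ('$user', '$pass')";
                $db->query($uzkl);
                header("location:admin.php?p=home&r=ad");
                exit;
            }
        }
        if (isset($_POST['okd'])) {
            //DELETE FROM `categories` WHERE 1
            $po = isset($_POST['cat']) ? $_POST['cat'] : null;
            // The id comes from the request, not from the <select>; validate it
            // like any other text before it is placed in the statement.
            if ($isSqlSafeText($po)) {
                $uzkl = "DELETE FROM `categories` WHERE `id`='$po'";
                $db->query($uzkl);
                header("location:admin.php?p=home&r=de");
                exit;
            }
        }
        if (isset($_POST['oki'])) {
            $val = isset($_POST['nc']) ? $_POST['nc'] : null;
            if ($isSqlSafeText($val)) {
                //INSERT INTO `categories`(`id`, `name`) VALUES ([value-1],[value-2])
                $uzkl = "INSERT INTO `categories` (`name`) VALUES ('$val')";
                $db->query($uzkl);
                header("location:admin.php?p=home&r=in");
                exit;
            }
        }

        // Navigation bar (anchors are now closed with </a>).
        echo "<div style='position:fixed; right:5%;'>
            <a href='admin.php?p=categories'>Categories</a> ";
        echo "<a href='admin.php?p=admin'>New administrator</a> ";
        echo "<a href='ldap.php'>Log out</a></div>";

        if ($page === "categories") {
            echo "<h2 style='position:fixed; top:10%; left:5%;'>Administrator zone</h2>";
            echo "<h3 style='position:fixed; top:15%; left:3%;'>Create or delete catagories</h3>";
            echo "<p style='position:fixed; top:20%; left:3%;'> Delete existing categories </p>";
            echo "<div style='width:280px; padding:10px;border:3px solid lightgray;
                background-color:#EEEEFF; position:fixed; top:28%; left:3%;'><form method='POST'>";
            echo "<select name='cat' style='width:275px;'>";
            $uzkl = "SELECT * FROM `categories` WHERE '1'='1'";
            $r = $db->query($uzkl);
            while ($data = $db->fetch($r)) {
                // Stored category names are escaped on output so markup in a
                // name is shown as text instead of being interpreted.
                echo "<option value='" . $escape($data->id) . "'>" . $escape($data->name) . "</option>";
            }
            echo "</select>";
            echo "<input type='submit' style='width:100px; height:30px; position:relative; top:10px; left:175px; background-color:#0033FF; color:white;' name='okd' value='Delete'>";
            echo "</form></div>";

            echo "<p style='position:fixed; top:42%; left:3%;'>Insert new category</p>";
            echo "<div style='width:280px; padding:10px;border:3px solid lightgray;
                background-color:#EEEEFF; position:fixed; top:50%; left:3%;'><form method='POST'>";
            echo "<input type='text' style='width:270px; padding:3px; position:relative; left:5px;' name='nc' placeholder='New category'>";
            echo "<input type='submit' style='width:100px; height:30px; position:relative; top:10px; left:175px; background-color:#0033FF; color:white;' name='oki' value='Add category'>";
            echo "</form></div>";
        } elseif ($page === "admin") {
            echo "<h2 style='position:fixed; top:10%; left:5%;'>Administrator zone</h2>";
            echo "<h3 style='position:fixed; top:15%; left:3%;'>Create new administrator</h3>";
            echo "<div style='width:220px; padding:10px;border:3px solid lightgray;
                background-color:#EEEEFF; position:fixed; top:25%; left:3%;'> <form method='POST'>";
            echo "<input type='text' style='width:200px; padding:3px; position:relative; left:10px;' name='user' placeholder='New username' required='required'/><br/>";
            echo "<input type='password' style='width:200px; padding:3px; position:relative; left:10px;' name='pass1' placeholder='New password' required='required'/><br/>";
            echo "<input type='password' style='width:200px; padding:3px; position:relative; left:10px;' name='pass2' placeholder='Repeat password' required='required'/><br/>";
            echo "<input type='submit' style='width:100px; height:30px; position:relative; left:110px; top:10px; background-color:#0033FF; color:white;' name='oka' value='Create'/>";
            echo "</form></div>";
        } else {
            // Landing page; ?r= selects the status line shown after a redirect.
            echo "<h2 style='position:fixed; top:10%; left:5%;'>Administrator zone</h2>";
            if ($result === "ad") {
                echo "<p style='position:fixed; top:15%; left:3%;'>Administrator was created successfuly</p>";
            }
            if ($result === "de") {
                echo "<p style='position:fixed; top:15%; left:3%;'>Category was deleted</p>";
            }
            if ($result === "in") {
                echo "<p style='position:fixed; top:15%; left:3%;'>New category was added</p>";
            }
        }
    } else {
        // Not the admin session: answer with 403 so clients and logs can tell
        // a refused request from a normal page.
        http_response_code(403);
        echo "<p style='color:red;'>NO PERMISION!!!</p>";
    }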
?>
